Commit Graph

401 Commits

Author SHA1 Message Date
Martin Zimmermann
4950e7dd4d add unittest for CORS headers 2013-11-05 13:08:21 +01:00
Martin Zimmermann
aa6665c8f0 fix endpoint detection when using require.js 2013-11-05 12:44:31 +01:00
Martin Zimmermann
8d1171df29 improve request decoding and json parsing 2013-11-05 12:44:16 +01:00
Martin Zimmermann
6691810316 handle cross-origin cookies with a custom header X-Set-Cookie, fix #24
Cookies set from a different domain can not be read by JS executed in
the current domain. As a workaround, Isso sends both a Set-Cookie and
X-Set-Cookie header. The former is used by the browser to make the
HTTP request to the API, the latter is read by `embed.min.js` to
determine if a comment can be edited or deleted.

When a comment is deleted, the server sends an expired cookies in
Set-Cookie and X-Set-Cookie.
2013-11-05 12:36:29 +01:00
Martin Zimmermann
05c8b571e2 requirejs-text now uses CORS XHR requests to static files 2013-11-05 01:11:53 +01:00
Martin Zimmermann
6126f0ec6f add CORS middleware to add CORS header to *all* requests 2013-11-05 01:11:28 +01:00
Martin Zimmermann
e3fc33fec4 add backport for werkzeug 0.8 to test matrix 2013-11-04 08:59:42 +01:00
Martin Zimmermann
e14a04ab6c support for werkzeug 0.8 (Python2-only) 2013-11-04 01:13:29 +01:00
Martin Zimmermann
312578457b uwsgi can only cache bytes 2013-11-03 18:55:23 +01:00
Martin Zimmermann
cc2ac11850 inline CSS 2013-11-03 18:55:23 +01:00
Martin Zimmermann
d8a254c304 fix api endpoint detection 2013-11-03 18:55:20 +01:00
Martin Zimmermann
d59fc2ef8e handle OPTIONS request and return CORS headers 2013-11-03 15:18:04 +01:00
Martin Zimmermann
fe63a76960 increase uWSGI's hash cache to 10240 items (=320kb) 2013-11-03 12:55:31 +01:00
Martin Zimmermann
c581e0f05a cache email hash on comment creation 2013-11-03 12:39:51 +01:00
Martin Zimmermann
c567758d81 limit email length to 254 to avoid hash-DDoS 2013-11-03 12:35:33 +01:00
Martin Zimmermann
0473afe2db add profiling option to server configuration 2013-11-03 12:32:38 +01:00
Martin Zimmermann
3c193bef27 request remote_addr only when using the comment form 2013-11-02 18:41:00 +01:00
Martin Zimmermann
7e73986667 remove trailing slash from API endpoint, appendum to 8da9d0b 2013-11-02 18:39:40 +01:00
Martin Zimmermann
375b32a151 Merge branch 'feature/data-attributes' 2013-11-02 18:28:42 +01:00
Martin Zimmermann
8da9d0b13b override API location with data-prefix="..." 2013-11-02 18:26:33 +01:00
Martin Zimmermann
0d07515c18 override HTML title parsing with a data-title="... attribute
If you don't use a <h1> to markup your post's title (but h2), it
is no longer possible to reliable detect the site's title.

E.g. you have a single page with only one <h1> and that's the
*real* title of that page. But on the other hand, it is also
possible, that the <h1> tag is just your website's name and the
actual post title is marked up in <h2>.
2013-11-02 18:21:27 +01:00
Martin Zimmermann
fa496669e2 use lowercase [smtp] as written in the docs 2013-11-02 17:38:01 +01:00
Martin Zimmermann
54413dfcf3 add copyright header to embed.js (and it's MIT not BSD) 2013-11-02 15:31:17 +01:00
Martin Zimmermann
46d5ccc38f fix indentation 2013-11-01 17:29:57 +01:00
Martin Zimmermann
d4aff7a197 Back to development: 0.4 2013-11-01 17:05:24 +01:00
Martin Zimmermann
7a0ee11099 Preparing release 0.3 2013-11-01 17:05:07 +01:00
Martin Zimmermann
c5d52721c4 use cache.delete a) with an actual key and b) only on delete 2013-11-01 17:02:08 +01:00
Martin Zimmermann
b3b26c1117 mv isso.ini to uwsgi.ini 2013-11-01 16:48:48 +01:00
Martin Zimmermann
40c554265b changelog for 0.3 2013-11-01 16:45:39 +01:00
Martin Zimmermann
b115c00150 update README.md 2013-11-01 16:45:21 +01:00
Martin Zimmermann
afcfa91179 add uWSGI docs 2013-11-01 16:43:15 +01:00
Martin Zimmermann
2b7d263735 only create a reply box when needed
Previously this led to unnecessary object creation which impacted the
rendering time (on my machine 200 comments -> 1200ms) just to create
the postbox per comment (just the object initialization)).
2013-11-01 15:25:44 +01:00
Martin Zimmermann
cac4694f43 cache PBKDF2 hash, closes #18
Markdown conversion is not the reason for 2s per 100 comments response,
the hash function is. When using the email/remote_addr from cache, the
response time is pretty fast.

* when uWSGI is available, use their caching framework

* for multi-threaded environment (the default), use a simple cache
  shipped with werkzeug
2013-11-01 15:08:16 +01:00
Martin Zimmermann
74ab58167e replace abort(code) with proper exceptions and refactor request dispatch 2013-11-01 12:46:51 +01:00
Martin Zimmermann
2794734258 remove Jinja2 dependency 2013-11-01 12:26:39 +01:00
Martin Zimmermann
c96913f221 remove static/post.html from MANIFEST.in 2013-10-31 17:39:45 +01:00
Martin Zimmermann
4a59ad95c3 rewrite website integration part 2013-10-31 17:16:08 +01:00
Martin Zimmermann
dea4c88162 remove admin interface fragments 2013-10-31 17:14:32 +01:00
Martin Zimmermann
2cac3f0567 detect Isso API endpoint when using *.dev.js script 2013-10-31 12:33:19 +01:00
Martin Zimmermann
d19933072f move developer section from CONTRIBUTING into its own document 2013-10-31 11:57:34 +01:00
Martin Zimmermann
2a2cfe4644 include uncompressed JS files for debugging purposes 2013-10-31 11:23:58 +01:00
Martin Zimmermann
e08e7be464 remove stale threads after all comments have been deleted 2013-10-31 11:08:00 +01:00
Martin Zimmermann
a658021f7e fix unittest for 1358fac and extend internal documentation 2013-10-31 10:44:46 +01:00
Martin Zimmermann
1358fac258 fix empty thread title due premature HTTP connection closing 2013-10-30 19:41:41 +01:00
Martin Zimmermann
ceb804e01b Back to development: 0.3 2013-10-30 16:22:44 +01:00
Martin Zimmermann
319492fa42 Preparing release 0.2.1 2013-10-30 16:21:36 +01:00
Martin Zimmermann
1b8dcc3de7 point to new isso website, also include changelog 2013-10-30 16:16:54 +01:00
Martin Zimmermann
55b6b283b8 use uWSGIs locking 2013-10-30 10:52:06 +01:00
Martin Zimmermann
9a8e0b524e build notify mail with first hostname 2013-10-30 10:06:28 +01:00
Martin Zimmermann
0c7a4e44f9 disable werkzeug connection log 2013-10-30 10:06:09 +01:00